Security Operations Lead
EarnestSalary not specified
Full Time
Senior (5 to 8 years), Expert & Leadership (9+ years)
Not SpecifiedCompensation
Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level
Full TimeJob Type
UnknownVisa
Information Security, BiotechnologyIndustries
Requirements
Candidates must have experience with modern security principles such as security data lakes, detections as code, EDR, and zero trust networking, along with demonstrated experience in incident response and management. Proven experience in developing, deploying, and maintaining detection rules (e.g., Sigma, YARA, Splunk SPL, KQL) across various security platforms is required. A strong understanding of common attack frameworks like MITRE ATT&CK and authentication/authorization schemes such as SAML, OpenID, OAuth2, and SCIM is necessary. Experience scripting/coding in Python, NodeJS, Ruby, or Bash is essential. Excellent communication skills, comfort with ambiguity, strong analytical acumen, and self-motivation are also required.
Responsibilities
The Security Operations Engineer will monitor security events and alerts using various security tooling to identify and triage potential threats. They will develop, implement, and maintain high-fidelity detection rules and alerts within SIEM and other security platforms. Responsibilities include conducting continuous tuning and optimization of existing detection logic, responding to issues identified by employees, and acting as a security incident response lead. The role involves building and managing security playbooks, conducting security assessments through vulnerability testing and threat hunts, and performing security reviews of corporate properties. Additionally, the engineer will lead security incident response tabletop exercises, evolve the use of Cribl products in the security tech stack, and collaborate with threat intelligence teams to integrate new indicators of compromise into detection strategies.
Skills
Security Operations
Threat Detection
Incident Management
Incident Triage
Incident Investigation
Detection Logic
Security Data Lakes
Detections as Code
EDR
Zero Trust Networking
Sigma
YARA
Splunk SPL
KQL
MITRE ATT&CK
Authentication
Cribl
Data observability solutions for tech businesses
About Cribl
Cribl operates in the data observability market, helping tech businesses monitor, analyze, and visualize their data for better operational and security insights. The company offers two main products: Cribl Stream and Cribl Edge. Cribl Stream enables businesses to efficiently route and transform logs and metrics, either on their own infrastructure or through cloud services, ensuring timely data delivery. Cribl Edge focuses on collecting and processing real-time observability data from edge devices, which can then be sent to Cribl Stream or other destinations. Cribl distinguishes itself by integrating seamlessly with platforms like Office 365 and Microsoft Azure, allowing clients to enhance their data management capabilities. The company's goal is to create effective data ecosystems that empower organizations to make sense of their data.
San Francisco, CaliforniaHeadquarters
2018Year Founded
$576.3MTotal Funding
SERIES_ECompany Stage
Data & Analytics, Enterprise SoftwareIndustries
501-1,000Employees
Benefits
Competitive Salary
Stock Options
Medical, dental, and vision insurance
Flexible spending account (FSA)
401(k) plan offered (US)
Parental Leave
Professional Development and Career Growth
Generous Vacation and Holiday Policy, including 2 Floating Holidays for holidays you observe
Employee Resource Groups that reflect our values driven company culture
Risks
Emerging data observability startups could threaten Cribl's market share with competitive pricing.
Rapid AI advancements may outpace Cribl's offerings if not updated timely.
Economic downturns could impact Cribl's ability to maintain its high valuation.
Differentiation
Cribl offers unique data routing and transformation with Cribl Stream and Cribl Edge.
The company integrates seamlessly with major platforms like Office 365 and Microsoft Azure.
Cribl's focus on real-time data processing sets it apart in the data observability market.
Upsides
Cribl raised $319M in Series E funding, boosting its valuation to $3.5 billion.
The rise of multi-cloud strategies enhances Cribl's integration capabilities across cloud environments.
Increased demand for edge computing solutions positions Cribl Edge for significant growth.
Related Jobs
RemoteRemoteSecurity Operations Engineer
TailscaleSalary not specified
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemoteSenior SOC Security Engineer
CalendlySalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteManager, Detections
Shift5Salary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteSenior Consultant, Cloud Incident Response (Remote)
CrowdstrikeSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSr. Engineer, Product Abuse - Product Security (Remote)
CrowdstrikeSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteCyber Incident Response/Customer Security Operations - SkillBridge Int…
ZscalerSalary not specified
- Full Time
- Internship
RemoteSenior Intelligent Automation Engineer (Security)
NerdWallet$136,000 - $252,000/year
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSenior Security Engineer, Detection & Response
HeadspaceSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSenior Security Engineer, Detection and Response
1PasswordSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteThreat Intelligence Analyst
VultrSalary not specified
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemoteManager, Security Engineering
HeadwaySalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteCloud Threat Hunting Senior Consultant (Remote)
CrowdstrikeSalary not specified
- Full Time
- Senior (5 to 8 years)